<?php
/**
 * Description of supervisorController
 *
 * @author Henson
 */
class SupervisorController{
	
    public function indexAction()
    {
		$supervisor = new Supervisor();
		if(_checkSuperLogin() && $supervisor->checkPermission())
		{
			$totalNum = $supervisor->getSupervisorTotal();
			$p = isset($_GET['p']) ? intval($_GET['p']) : 1;
			$pageUrl = '/index.php?r=supervisor';
			$page = new Page($p, $pageUrl, $totalNum, $supervisor->pageRow);
			$where = "where del='0' and loginname!= 'admin'";
			$orderBy = 'order by update_time desc, id desc';
			$limit = " limit ".($p -1 ) * $supervisor->pageRow .",".$supervisor->pageRow;
			$rows = $supervisor->getSupervisorList($where, $orderBy, $limit);
			foreach($rows as $key=>$value)
			{
				$rows[$key] = $supervisor->dealSupervisor($value);
			}
			$pageInfo['rows'] = $rows;
			$pageInfo['page'] = $page;
			$view = new view(); 
			$view->showPage('management/supervisorList.tpl.htm', $pageInfo);
		}
    }
	
	public function delAction()
	{
		$supervisor = new Supervisor();
		if(_checkSuperLogin())
		{
			if($supervisor->checkPermission())
			{
				$sid = @intval($_GET['sid']);
				if($sid > 0)
				{
					$updateArr = array();
					$updateArr['del'] = '1';
					if($supervisor->updateSupervisor($updateArr, $sid))
					{
						_showMessage('删除成功！', '/index.php?r=supervisor');
					}
					else
					{
						_errorShow("删除失败 ！");
					}
				}
				else
				{
					_errorShow("参数不正确！");
				}
			}
		}
	}

	public function addAction()
	{
		global $_CFG;
		$supervisor = new Supervisor();
		if(_checkSuperLogin() && $supervisor->checkPermission())
		{
			$pageInfo['permission'] = $_CFG['permissionShow'];
			$view = new view(); 
			$view->showPage('management/supervisorAdd.tpl.htm', $pageInfo);
		}
	}
	
	public function loginAction()
	{
		global $_CFG;
		$loginname = @htmlspecialchars(trim($_POST['loginname']), ENT_QUOTES);
		$password =  @md5(htmlspecialchars(trim($_POST['password']), ENT_QUOTES));
		$supervisor = new Supervisor();
		$supervisorInfo = $supervisor->getSupervisorByLoginname($loginname);
		if($supervisorInfo && $password == $supervisorInfo['password'])
		{
			$this->setCookie("uid", $supervisorInfo['id']);
			$this->setCookie("name", $supervisorInfo['loginname']);
			$this->setCookie("auth", md5($_CFG['secretKey'].$supervisorInfo['id']));
			echo "<script>top.location.href='/r_management/index.htm'</script>";die;
		}
		else
		{
			_errorShow("username or password is wrong");
		}
	}
	
	private function setCookie($name, $value)
	{
		setcookie("r_".$name, $value);
	}
	
	private function removeCookie($name)
	{
		setcookie("r_".$name, "", time() - 3600);	
	}

	public function logoutAction()
	{
		$this->removeCookie("uid");
		$this->removeCookie("name");
		$this->removeCookie("auth");
		echo '<script>top.location.href="/r_management/login.html";</script>';die;
	}
	
	public function saveAction()
	{
		if(_checkSuperLogin())
		{
			$supervisor = new Supervisor();
			if($supervisor->checkPermission())
			{
				$this->checkSupervisor();
				$insertArr = array();
				$insertArr['loginname'] = @htmlspecialchars(trim($_POST['loginname']), ENT_QUOTES);
				$insertArr['first_name'] = @htmlspecialchars(trim($_POST['first_name']), ENT_QUOTES);
				$insertArr['last_name'] = @htmlspecialchars(trim($_POST['last_name']), ENT_QUOTES);
				$insertArr['password'] = @md5(htmlspecialchars(trim($_POST['password']), ENT_QUOTES));
				$insertArr['department'] = @htmlspecialchars(trim($_POST['department']), ENT_QUOTES);
				$insertArr['job_title'] = @htmlspecialchars(trim($_POST['job_title']), ENT_QUOTES);
				$insertArr['cell_phone'] = @htmlspecialchars(trim($_POST['cell_phone']), ENT_QUOTES);
				$insertArr['office_phone'] = @htmlspecialchars(trim($_POST['office_phone']), ENT_QUOTES);
				$insertArr['email'] = @htmlspecialchars(trim($_POST['email']), ENT_QUOTES);
				if(isset($_POST['permission']) && count($_POST['permission']) > 0)
				{
					$insertArr['permission'] = implode(',', $_POST['permission']);
				}

				$sid = @intval($_POST['sid']);
				if($sid > 0)
				{
					if($supervisor->updateSupervisor($insertArr, $sid))
					{
						_showMessage('更新成功！', '/index.php?r=supervisor');
					}
					else
					{
						_errorShow("修改管理员不成功！");
					}
				}
				else
				{
					if($supervisor->insertSupervisor($insertArr))
					{
						_showMessage('添加成功！', '/index.php?r=supervisor');
					}
					else
					{
						_errorShow("添加管理员不成功！");
					}
				}
			}
		}
	}

	public function checkSupervisor()
	{
		$regArr = array(
			"loginname" => "#^[a-zA-Z ']{1,50}$#",
			"first_name" => "#^[a-zA-Z ']{1,50}$#",
			"last_name" => "#^[a-zA-Z ']{1,50}$#",
			"department" => "#^.{1,50}$#",
			"job_title" => "#^.{1,50}$#",
			"password" => "#^\w{1,20}$#",
			"confirm_password" => "same||password",
			"cell_phone" => "#^\d{3}-\d{7}$#",
			"office_phone" => "#^\d{3}-\d{7}$#",
			"email" => "#^[0-9a-zA-Z@\._]{1,100}$#",
		);
		foreach ($_POST as $key=>$item)
		{
			if(array_key_exists($key, $regArr))
			{
				$tempArr = explode('||', $regArr[$key]);
				if(count($tempArr) == 2)
				{
					if($tempArr[0] == "same")
					{
						if($item != $_POST[$tempArr[1]])
						{
							_errorShow("{$key} is invalid");
						}
					}
					elseif($tempArr[0] == "null")
					{
						if($item != "")
						{
							if(!preg_match($tempArr[1], $item))
							{
								_errorShow("{$key} is invalid");
							}
						}
					}
				}
				else
				{
					if(!preg_match($regArr[$key], $item))
					{
						_errorShow("{$key} is invalid");
					}
				}
			}
		}
	}
	
	public function detailAction()
	{
		if(_checkSuperLogin())
		{
			$superId = $_COOKIE['r_uid'];
			$supervisor = new Supervisor();
			$supervisorInfo = $supervisor->getSupervisorById($superId);
			$supervisorInfo = $supervisor->dealSupervisor($supervisorInfo);
			$view = new View();
			$pageInfo['row'] = $supervisorInfo; 
			$view->showPage("management/supervisorDetail.tpl.htm", $pageInfo);
		}
	}
	
	public function modifyAction()
	{
		if(_checkSuperLogin())
		{
			$sId = @intval($_GET['sid']);
			$supervisor = new Supervisor();
			$supervisorInfo = $supervisor->getSupervisorById($sId);
			$supervisorInfo = $supervisor->dealSupervisor($supervisorInfo);
			
			$view = new View();
			$pageInfo['row'] = $supervisorInfo; 
			$pageInfo['permission'] = array(
				'1' => 'Create/modify/cancel an event',
				'2' => 'Reserve/release tables',
				'3' => 'Cancel patrons’ reservation',
				'4' => 'Manage comments',
				'5' => 'Check log file by GPEB',
				'6' => 'Check log file by patron’s username'
			);
			$view->showPage("management/supervisorAdd.tpl.htm", $pageInfo);
		}
		else
		{
			header("Location: /r_management/login.html");
			die;
		}
	}
	
	public function resetpwAction()
	{
		$view = new View();
		@$view->showPage("management/supervisorResetpw.tpl.htm", $pageInfo);
	}
	
	public function resetSaveAction()
	{
		if(_checkSuperLogin())
		{
			$password = @htmlspecialchars(trim($_POST['password']), ENT_QUOTES);
			$confirm_password = @htmlspecialchars(trim($_POST['confirm_password']), ENT_QUOTES);
			if($password == $confirm_password)
			{
				$updateArr = array();
				$updateArr['password'] = md5($password);
				$updateArr['checkpw'] = '1';
				$supervisor = new Supervisor();
				if($supervisor->updateSupervisor($updateArr, $_COOKIE['r_uid']))
				{
					_showMessage('密码修改成功！', '/index.php?r=supervisor/detail');
				}
				else
				{
					_errorShow("密码更新失败！");
				}
			}
			else
			{
				_errorShow("两次密码必须一致！");
			}
		}
	}
}

?>
